<?php

/**
 * Strip a small set of characters from a submitted form value.
 *
 * Runs stripslashes() on the input, then deletes every semicolon, single
 * quote and double quote from the result.
 *
 * This is character stripping, not escaping. A backslash that is left after
 * stripslashes(), and HTML metacharacters such as < > and &, pass through
 * unchanged. The return value therefore still has to be escaped for the
 * context it is used in (SQL string literal, HTML output).
 *
 * @param string $a Raw form value.
 * @return string The value with ; ' and " removed.
 */
function sort_out($a)
{
    $unwanted = array(";", "'", "\"");
    return str_replace($unwanted, "", stripslashes($a));
}

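 // Shared page header: the class is defined in the included file and
 // print_head() is called to emit the top of the page, with the "events"
 // entry marked as highlighted.
 include "../php/HeaderBlock.php";
 // Plain "new" instead of "= &new": assigning the result of new by reference
 // is deprecated from PHP 5.3 and is a parse error from PHP 7.0.
 $header = new HeaderBlock;
 $header->highlighted="events";
 $header->print_head();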
?>
<div class="content">

<div class="Middler">

<?php

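// NOTE(review): the database credentials are hard-coded in a page script, so
// anyone who can read this source (or a backup copy of it) obtains them.
// Prefer loading them from a configuration file outside the document root,
// and rotate this password since it appears here in plain text.
$username="calendar";
$password="pw4sn6";
$database="events";

// Collects one HTML fragment per validation failure; an empty string means
// the submission passed every check below.
$problem_msg = "";

// A missing or array-valued field is treated the same as a blank one, so a
// hand-crafted request cannot skip a check or trigger notices.
if (!isset($_POST['title']) || !is_string($_POST['title']) || !$_POST['title'])
   $problem_msg = $problem_msg . "The event title was blank. Try again but this time make sure you enter a title (at the top of the form).<br /><br />";

// Date and start-time parts must consist of digits only. is_numeric() also
// accepts signs, decimals, exponents and leading whitespace, and those forms
// would later be concatenated into the DATE and TIME strings.
// Assumes the form submits plain digit strings - confirm against the form page.
$digit_checks = array(
   'date_year'   => "Invalid year<br /><br />",
   'date_month'  => "Invalid month<br /><br />",
   'date_day'    => "Invalid day<br /><br />",
   'time_hour'   => "Invalid starting time<br /><br />",
   'time_minute' => "Invalid starting time<br /><br />",
);
foreach ($digit_checks as $field => $msg) {
   $value = isset($_POST[$field]) ? $_POST[$field] : '';
   if (!is_string($value) || !ctype_digit($value))
      $problem_msg = $problem_msg . $msg;
}

// The finishing time is optional: the placeholder "blank" in either part
// means no end time, which is recorded as 00:00.
$endtime_hour = (isset($_POST['endtime_hour']) && is_string($_POST['endtime_hour'])) ? $_POST['endtime_hour'] : '';
$endtime_minute = (isset($_POST['endtime_minute']) && is_string($_POST['endtime_minute'])) ? $_POST['endtime_minute'] : '';
if ($endtime_hour === "blank" || $endtime_minute === "blank") {
   $endtime_hour = "00";
   $endtime_minute = "00";   }
if (!ctype_digit($endtime_hour))
   $problem_msg = $problem_msg . "Invalid finishing time<br /><br />";
if (!ctype_digit($endtime_minute))
   $problem_msg = $problem_msg . "Invalid finishing time<br /><br />";

// Anti-spam number: the typed value must be present and equal to the expected
// one. Without the presence test a request that omits both fields passes,
// because two missing values compare equal.
// NOTE(review): both values arrive from the client, so this only filters
// submissions that do not copy the number at all. A check the client cannot
// choose needs the expected number kept server-side (for example in the
// session), which also requires a change to the form page.
$num_user = (isset($_POST['num_user']) && is_string($_POST['num_user'])) ? trim($_POST['num_user']) : '';
$num_given = (isset($_POST['num_given']) && is_string($_POST['num_given'])) ? trim($_POST['num_given']) : '';
if ($num_user === '' || $num_user !== $num_given)
   $problem_msg = $problem_msg . "Did you remember to enter the anti-spam number?<br /><br />";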


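// Read every field used below as a string. A missing or array-valued field
// becomes '', so the concatenations and sort_out() calls never receive null
// or an array from a hand-crafted request.
$form = array();
foreach (array('date_year', 'date_month', 'date_day', 'time_hour', 'time_minute',
               'title', 'details', 'contact', 'intcontact',
               'location', 'location_other', 'keys') as $field) {
  $form[$field] = (isset($_POST[$field]) && is_string($_POST[$field])) ? $_POST[$field] : '';
}

// DATE is the three parts joined without separators; TIME and ENDTIME are
// hour:minute with a fixed ":00" seconds part.
$date = $form['date_year'] . $form['date_month'] . $form['date_day'];
$time = $form['time_hour'] . ":" . $form['time_minute'] . ":00";
$endtime = (is_string($endtime_hour) ? $endtime_hour : '') . ":" . (is_string($endtime_minute) ? $endtime_minute : '') . ":00";

$title = $form['title'];
$details = $form['details'];
$contact = $form['contact'];
$intcontact = $form['intcontact'];
// "OTHER" means the location was typed into the free-text box instead.
$location = ($form['location'] === "OTHER") ? $form['location_other'] : $form['location'];
$keys = $form['keys'];
if ($keys === 'keys') {
  $mail_keys = TRUE;
  $subject = "OARC booking ".date("j M y",strtotime($date))." $time";
  // $title is still the raw submitted text at this point. It is used in the
  // message body only; user-supplied text must not be added to $subject or
  // to a mail header without removing CR/LF first.
  $message = "A room booking has been requested for $title on ".date("l j F Y",strtotime($date))." at $time. If you can be the keyholder please confirm this on http://theoarc.org.uk/cal/index.php";
  $mail_html = "An email has been sent to the <a href=\"http://theoarc.org.uk/oarcwiki/KeyholderList\">keyholders</a>. When they have agreed to open OARC for your event, the event will no longer have (unconfirmed) after it. If you need to change any details of your event, please contact keyholders [at] theoarc.org.uk";
}
else {
  $mail_keys = FALSE;
  $mail_html = "Please make sure to contact a <a href=\"http://theoarc.org.uk/oarcwiki/KeyholderList\">Keyholder</a> to confirm your event. Contact all keyholders by emailing keyholders [at] theoarc.org.uk.";
}

// sort_out() removes ; ' and " from the free-text fields. That is not
// escaping: each value still has to be escaped where it is put into a SQL
// string or into HTML.
$title = sort_out($title);
$location = sort_out($location);
$details = sort_out($details);
$contact = sort_out($contact);
$intcontact = sort_out($intcontact);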



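// Either report the validation problems, or store the event, notify the
// keyholders if requested, and print a summary.
if ($problem_msg) echo $problem_msg;
else {

  // NOTE(review): ext/mysql (mysql_*) was removed in PHP 7.0. Until this page
  // is ported to PDO or mysqli with prepared statements, every value placed
  // in a query string below is escaped with mysql_real_escape_string().
  // The host name is quoted because the bare word localhost is an undefined
  // constant. "@" keeps a failed connection from printing a warning, which
  // can include connection details, into the page.
  $db_link = @mysql_connect('localhost', $username, $password);
  if (!$db_link || !@mysql_select_db($database, $db_link)) die( "Unable to select database");

  // sort_out() strips only ; ' and ", so a backslash can still reach the
  // query and change how the closing quote of a string literal is read.
  // Escaping against the open connection closes that gap. The unescaped
  // variables are kept for the HTML summary further down.
  $sql_title      = mysql_real_escape_string($title, $db_link);
  $sql_date       = mysql_real_escape_string($date, $db_link);
  $sql_time       = mysql_real_escape_string($time, $db_link);
  $sql_endtime    = mysql_real_escape_string($endtime, $db_link);
  $sql_location   = mysql_real_escape_string($location, $db_link);
  $sql_details    = mysql_real_escape_string($details, $db_link);
  $sql_contact    = mysql_real_escape_string($contact, $db_link);
  $sql_intcontact = mysql_real_escape_string($intcontact, $db_link);

  $saved = false;   // true once the event is known to be in the table
  $event_id = 0;    // NUMBER of the row the summary links to

  // Duplicate check: same title, date, start and end time. Re-submitting the
  // form does not create a second row; the summary links to the existing one.
  $q_dup = "SELECT NUMBER FROM events WHERE TITLE='$sql_title' AND DATE='$sql_date' AND TIME='$sql_time' AND ENDTIME='$sql_endtime' ORDER BY NUMBER DESC LIMIT 1";
  $r_dup = mysql_query($q_dup, $db_link);
  if ($r_dup !== false) {
    if (mysql_num_rows($r_dup) > 0) {
      $event_id = mysql_result($r_dup, 0);
      $saved = true;
    }
    else {
      $query = "INSERT INTO events (TITLE, DATE, TIME, ENDTIME, LOCATION, DETAILS, CONTACT, INTCONTACT, NUMBER, CONFIRMED, KEYHOLDER)
        VALUES ('$sql_title','$sql_date','$sql_time','$sql_endtime','$sql_location','$sql_details','$sql_contact','$sql_intcontact','','1','')";
      if (mysql_query($query, $db_link)) {
        $saved = true;
        // Use the id generated by this INSERT rather than the highest NUMBER
        // in the table, which can belong to another visitor's event.
        // Presumably NUMBER is AUTO_INCREMENT - confirm against the schema.
        $event_id = mysql_insert_id($db_link);
        if (!$event_id) {
          // No generated id reported: fall back to the highest NUMBER.
          $r_link_no = mysql_query("SELECT NUMBER FROM events ORDER BY NUMBER DESC LIMIT 1", $db_link);
          if ($r_link_no !== false && mysql_num_rows($r_link_no) > 0)
            $event_id = mysql_result($r_link_no, 0);
        }
      }
    }
  }

  mysql_close($db_link);

  if (!$saved) {
    // A failed query is reported instead of announcing success.
    echo "<p>Sorry, your event could not be saved. Please try again later.</p>";
  }
  else {

    // The keyholder notice is also sent when the duplicate check matched an
    // existing row, so a re-submitted form mails the keyholders again.
    if ($keys == 'keys') {
      mail('keyholders@theoarc.org.uk',$subject,$message,null,'-f keyholders@theoarc.org.uk');
    }

    // Submitted text is HTML-escaped before it is echoed, so markup in a
    // title or in the details is shown as text rather than interpreted.
    // $mail_html is fixed markup built by this script and is printed as is.
    // Pages that display the stored values (view.php is not visible here)
    // need the same output escaping.
    $html_title   = htmlspecialchars($title, ENT_QUOTES);
    $html_details = htmlspecialchars($details, ENT_QUOTES);
    $html_date    = htmlspecialchars($_POST['date_year']."-".$_POST['date_month']."-".$_POST['date_day'], ENT_QUOTES);
    $html_time    = htmlspecialchars($time, ENT_QUOTES);
    $html_endtime = htmlspecialchars($endtime, ENT_QUOTES);
    $event_link   = htmlspecialchars("view.php?id=" . urlencode($event_id), ENT_QUOTES);

    echo "<p>Your event has been added. There's a summary below.</p>
  	     <p>$mail_html</p>
   	<p>Once your event is confirmed ...</p>
	<ul>
	<li>You can add it to the <a href=\"http://www.indymedia.org.uk/en/regions/oxford/\">Oxford Indymedia calendar</a>.</li>
	<li>If you have just booked an evironmental event, you might want to add it to the <a href=\"http://tvca.ox4.org/announce.php\">Thames Valley Climate Action group's list of events</a>.</li>
	</ul>
	
	<p><b>Event summary:</b><br />
	Title: $html_title<br />
  	Date: $html_date<br />
  	Time: $html_time - $html_endtime<br />
  	Details: $html_details</p>
        <p><a href=\"$event_link\">View full event details</a>.</p>

	
<br />";
  }
}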

?>

</div>

<div class="Ftr">
<a href="index.php">Back To Calendar</a><br />
</div>

</div>
</body>
</html>

